TELUS Second Level Navigation

Marquee Widget

Security on our websites

Tabbed Content Widget

How can I report a suspected fraud?

If you are aware of fraudulent activity against TELUS customers/believe that someone around you is committing fraud against TELUS customers, you can report the abusive activity at fraud@telus.com

How can I report spam or phishing on my telus.net email account?

If you receive spam or phishing emails on your telus.net email account, please send the email directly to report_spam@telus.net along with the email header information. Instructions on how to include the email header can be found here: Internet Abuse - FAQ

Why does TELUS ask me to provide personal information online?

Our goal is to make your online interaction with TELUS as valuable as possible by providing you with a personalized Web experience. To deliver information that is relevant to your needs, we will collect some personal information online.

We promise to protect the information you provide online in the same way we protect all our customer information. We take privacy seriously, as you can see in our privacy commitment .

TELUS will not share your e-mail address with anyone outside of our company; nor will we disclose any other information you provide to outside parties.

How do I know the information I provide is kept secure?

Your TELUS account is not automatically accessible via the Internet. Once you request online access to your account, we request specific information about you and your account to confirm your identity.

We then use several security measures to confirm this information, and only then do we allow online access to your account information.

What specific measures does TELUS take to secure my online transactions?

We use several technological tools to provide security on the website, including:

The Secure Socket Layer, which protects the information you transmit and prevents interception by unauthorized parties

A firewall, which restricts unauthorized access to our internal networks where your information is stored.

We also maintain and monitor an audit log, which tracks the use of our security processes and highlights any suspicious activity.

The Secure Socket Layer

The Secure Socket Layer is an industry standard protocol used for communication between your Web browser and the Web server. It provides authentication, data integrity and encryption.

Your browser may give you a message indicating you are entering a secure website. You may also see a blue box outlining the secure page. And if you usually see a broken key or open lock in the lower left corner of your screen, you'll notice it change to a full key or closed lock.

Verisign Secure Site Seal

The TELUS website uses Verisign, the strongest security available for websites. You can validate computer server IDs and status at any time by clicking on the Verisign logo.

Authentication

Authentication confirms that you are who you say you are, and verifies that you are communicating with the TELUS Web server. There are two parts to the authentication process:

The Secure Socket Layer uses digital certificates to confirm with your Web browser that you are accessing the TELUS Web server.

Your User ID and password is confirmed to ensure account information is provided only to the correct User ID and corresponding password. An incorrect User ID or password will result in failure to access account information.

Data integrity

The Secure Socket Layer ensures that any alteration to the contents of your message, either intentional or by accident, will be identified and handled in an appropriate manner.

Encryption

The Secure Socket Layer encrypts or "scrambles" the content of your message as it travels across the Internet, making it difficult for unauthorized interceptors to understand. Encryption codes the information in your message, ensuring that it can only effectively be decoded by the TELUS Web server.

Firewall

A firewall is a device, usually consisting of software and hardware, which separates computers with sensitive information on an internal network from an external network such as the Internet. Its purpose is to limit the types of traffic that enter the internal network to prevent malicious attacks on internal computers. By using a firewall, TELUS is ensuring your information is always protected.

What can I do to keep my information secure?

There are some easy steps you can take to keep your information secure:

Memorize your User ID and password rather than writing them down. If you must write them down, keep them in separate and secure locations.

Do not share your User ID and password with anyone else.

Do not leave your computer unattended while the browser is still running.

Empty your disk cache at the end of your Web session. To do this, select the menu item that allows you to empty disk cache.

Set your disk cache to 0.

All Web browsers have a default setting that caches their web activity. This means your browser copies the information you see on-screen, like graphics and text files, to the memory and hard disk of your computer. Once loaded into your cache, the browser no longer has to download the information through the Internet, which makes revisiting a website or exploring a new website faster.

Other people who access your computer can access the disk cache and may be able to view the contents of your previous Web activity. You can set your disk cache to 0 to ensure nothing is stored on your hard disk. You won't be able to access previously viewed pages as quickly, but your security will be enhanced.

How long will my user session last after I log in to telus.com? If it expires, will I have to log in again?

A user session is a period of time when you have logged in to telus.com and are navigating through the site.

For your security and protection, telus.com has been designed to end your session automatically if there has been no activity for approximately 30 minutes. Therefore, if you haven't provided any instructions or used the browser buttons to navigate within our services for approximately 30 minutes, the connection will automatically end and you will need to log in again with your username and password.

Phishing - Online fraud designed to steal your valuable personal data such as credit card numbers, passwords, account data or other information; often featuring official-looking logos and other identifying information taken from legitimate web sites

Hacking - Using illegal means to gain access to online accounts

What your information can be used for?

Identity thieves can use your stolen personal information to apply for new credit cards in your name, open new wireless accounts in your name, apply for government benefits and more.

How does TELUS protect you?

At TELUS we are committed to providing our customers, employees, stakeholders and third parties with information and resources to mitigate risk the risk of fraudulent activities occurring. We require a password/pin on your TELUS account; in addition TELUS provides security and privacy training courses to all TELUS employees on a regular basis. If you are aware of fraudulent activity against TELUS customers/believe that someone around you is committing fraud against TELUS customers, you can report the abusive activity at fraud@telus.com.

How can you protect yourself?

To protect yourself, you can take appropriate measures such as using passwords for your cell phone, carefully reading emails which ask for personal information, and shredding personal and confidential information prior to disposal.

How to avoid becoming a victim?

Give out no more than the minimum required, and carry only the identification and credit cards you need when traveling, whether locally or out of town.

Be particularly careful about your Social Insurance Number (SIN); it is an important key to your identity, especially in credit reports and government databases.

Don't give your credit card number on the telephone, by electronic mail, or to a voice mailbox, unless you know the person with whom you're communicating or you initiated the communication yourself, and you know that the communication channel is secure.

Take advantage of technologies that enhance your security and privacy when you use the Internet, such as digital signatures, data encryption, and "anonymizing" services.

Pay attention to your billing cycle. If credit card or utility bills fail to arrive, contact the companies to ensure that they have not been illicitly redirected.

Notify creditors immediately if your identification or credit cards are lost or stolen. It is a good idea to make a photocopy of all the information (both sides) you carry in your wallet/purse and keep in a secure location. With this have the contact numbers to call in order to cancel all of your cards. Most credit card companies have a 24-hour toll-free number to report lost/stolen cards. If you re-open an account make sure they have your correct address.

Access your credit report from a credit-reporting agency once a year to ensure it's accurate and doesn't include debts or activities you haven't authorized or incurred. The 2 major credit-reporting agencies in Canada are: Equifax Canada Inc. 1-800-465-7166 and TransUnion of Canada 1-800-663-9980.

Ask that your accounts require passwords before any inquiries or changes can be made, whenever possible.

Choose difficult passwords - not your mother's maiden name, and unique PIN(s) -not your birthday. Memorize them and change them often. Don't write them down and leave them in your wallet/purse, or some equally obvious place.

Key in personal identification numbers privately when you use debit machines, bank machines, or telephones. Keep your card in view at all times and retrieve it as soon as possible after the transaction is complete. Make sure the card is in fact yours.

Do not sign a blank charge slip. Never leave your receipts behind, take them with you and destroy them when they are no longer required.

Find out if your cardholder agreement offers protection from credit card fraud; you may be able to avoid taking on the identity thief's debts.

There is a wealth of information to be found in your garbage. Be careful what you throw out. Burn or shred (preferably cross-cut) personal financial information such as statements, pre-approved credit card applications, receipts, insurance forms, etc. Insist that businesses you deal with do the same.

You've become a victim. What can you do about it now?

Report the crime to the police immediately. Ask for a copy of the police report so that you can provide proof of the theft to the organizations that you will have to contact later.

Take steps to undo the damage. Avoid "credit-repair" companies: there is usually nothing they can do, and some have been known to propose a solution, establishing credit under a new identity, that is itself fraudulent.

Document the steps you take and the expenses you incur to clear your name and re-establish your credit.

Cancel your credit cards and get new ones issued. Ask the creditors about accounts tampered with or opened fraudulently in your name.

Have your credit report annotated to reflect the identity theft. Do a follow-up check three months after to ensure that someone has not tried to use your identity again.

Close your bank accounts and open new ones. Insist on password-only access to them.

Get new bank machine and telephone calling cards, with new passwords or personal identification numbers.

In the case of a lost or stolen passport. Call the Canadian passport office at 1-800-567-6868.

Contact Canada Post if you suspect that someone is diverting your mail. Customer Service 1-800-267-1177

Advise your telephone, cable, and utilities that someone using your name could try to open new accounts fraudulently.

What is Phishing?

Phishing (pronounced “fishing”) is a scam where a fraud artist sends a fraudulent email, SMS text message, phone call or post mail that appears to come from a reputable source, such as a bank, online auction, financial group, etc. The message may indicate that there is a problem with your account information, or that they are upgrading their customer database. It will then ask you to provide personal financial data such as credit card numbers, account usernames and passwords, social insurance numbers, etc. so as to update their records. If the victim provides this information, it is then used to commit identity theft and fraud at the victim's expense. The phishing email appears legitimate as the phishers commonly copy the banners, icons, symbols, colours and images directly from an institution's official website. They then create their own website or email message using these details, and send a message claiming that they require your information for some administrative purpose, such as database updates, account expirations, or account verifications.

Things to watch out for :

If you receive an email regarding an account from an organization you do not belong to, it is likely a scam.

Official emails and sites will most likely provide contact information, whether it is an address, telephone number, or toll free telephone number with a voice recording. If you're still in doubt, call the local branch of the company on the email. They will either confirm or deny the validity of the message.

Official emails will most likely be addressed to you personally. Because phishing emails are sent en masse, it is nearly impossible to input specific names to a specific recipient so they will most likely not be addressed to you personally.

Fraudsters will always refer you to an Internet link to go to provide your personal information. DO NOT CLICK ON THIS LINK! By doing so, you may also notify the originator of the email that it is an active email address and you can be later bombarded with spam mail.

Ensure that any on-line transactions involving personal information is done so by secure means. There are two simple ways to determine this:

Check the beginning of the Web address bar on your browser. It should say "https://" to indicate a secure connection, as opposed to "http://"

Your web browser has a little padlock icon, usually located either at the bottom left or bottom right corner. When the padlock is "locked" it indicates that the connection is secured with encryption. When the padlock is "unlocked" it indicates that the connection is not secure